@online{software-org,
	title =       {非盈利国际软件研究组织Software.org},
	citedate =    {2019-02-18},
	url =         {https://software.org/},
	language =    "english",
}


@online{2017-eco-report,
	title =        {The Growing	1 Trillion Dollars	Economic Impact	of Software},
	author =       {非盈利国际软件研究组织Software.org},
	citedate =    {2019-02-18},
	institution =  "BSA Foundation",
	url =          "https://software.org/wp-content/uploads/2017_Software_Economic_Impact_Report.pdf"
}

@online{2018-china-report,
	title =        {2018年软件和信息技术服务业统计公报解读},
	author =       {中华人民共和国工业和信息化部},
	year =         2019,
	month =        2,
	url =          "http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057511/n3057518/c6633639/content.html"
}

@inproceedings{16-icse-continuous,
	author    = {Tony Savor and
	Mitchell Douglas and
	Michael Gentili and
	Laurie Williams and
	Kent L. Beck and
	Michael Stumm},
	title     = {Continuous deployment at Facebook and {OANDA}},
	booktitle = {Proceedings of the 38th International Conference on Software Engineering,
	{ICSE} 2016, Austin, TX, USA, May 14-22, 2016 - Companion Volume},
	pages     = {21--30},
	year      = {2016},
	url       = {https://doi.org/10.1145/2889160.2889223},
	doi       = {10.1145/2889160.2889223},
	timestamp = {Wed, 14 Nov 2018 10:57:06 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/SavorDGWBS16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{2011-icsr-reuse,
	author    = {Juha Savolainen and
	Mikko Raatikainen and
	Tomi M{\"{a}}nnist{\"{o}}},
	title     = {Eight Practical Considerations in Applying Feature Modeling for Product
	Lines},
	booktitle = {Top Productivity through Software Reuse - 12th International Conference
	on Software Reuse, {ICSR} 2011, Pohang, South Korea, June 13-17, 2011.
	Proceedings},
	pages     = {192--206},
	year      = {2011},
	url       = {https://doi.org/10.1007/978-3-642-21347-2\_15},
	doi       = {10.1007/978-3-642-21347-2\_15},
	timestamp = {Thu, 15 Jun 2017 21:38:23 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icsr/SavolainenRM11},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{2013-cbse-reuse,
	author    = {Widura Schwittek and
	Stefan Eicker},
	title     = {A study on third party component reuse in Java enterprise open source
	software},
	booktitle = {CBSE'13, Proceedings of the 16th {ACM} {SIGSOFT} Symposium on Component
	Based Software Engineering, part of Comparch '13, Vancouver, BC, Canada,
	June 17-21, 2013},
	pages     = {75--80},
	year      = {2013},
	url       = {https://doi.org/10.1145/2465449.2465468},
	doi       = {10.1145/2465449.2465468},
	timestamp = {Tue, 06 Nov 2018 16:57:30 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/cbse/SchwittekE13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}


@online{library,
	title =       {Software Library},
author =       {Wikipedia},
year =         2019,
month =        2,
url =          "https://en.wikipedia.org/wiki/Library_(computing)"
}

@inproceedings{12-ccs-android,
	author    = {Sascha Fahl and
	Marian Harbach and
	Thomas Muders and
	Matthew Smith and
	Lars Baumg{\"{a}}rtner and
	Bernd Freisleben},
	title     = {Why eve and mallory love android: an analysis of android {SSL} (in)security},
	booktitle = {the {ACM} Conference on Computer and Communications Security, CCS'12,
	Raleigh, NC, USA, October 16-18, 2012},
	pages     = {50--61},
	year      = {2012},
	url       = {https://doi.org/10.1145/2382196.2382205},
	doi       = {10.1145/2382196.2382205},
	timestamp = {Tue, 06 Nov 2018 11:07:29 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/ccs/FahlHMSBF12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{12-ccs-ssl,
	author    = {Martin Georgiev and
	Subodh Iyengar and
	Suman Jana and
	Rishita Anubhai and
	Dan Boneh and
	Vitaly Shmatikov},
	title     = {The most dangerous code in the world: validating {SSL} certificates
	in non-browser software},
	booktitle = {the {ACM} Conference on Computer and Communications Security, CCS'12,
	Raleigh, NC, USA, October 16-18, 2012},
	pages     = {38--49},
	year      = {2012},
	url       = {https://doi.org/10.1145/2382196.2382204},
	doi       = {10.1145/2382196.2382204},
	timestamp = {Tue, 06 Nov 2018 11:07:29 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/ccs/GeorgievIJABS12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{13-tosem-missing-call,
	author    = {Martin Monperrus and
	Mira Mezini},
	title     = {Detecting missing method calls as violations of the majority rule},
	journal   = {{ACM} Trans. Softw. Eng. Methodol.},
	volume    = {22},
	number    = {1},
	pages     = {7:1--7:25},
	year      = {2013},
	url       = {https://doi.org/10.1145/2430536.2430541},
	doi       = {10.1145/2430536.2430541},
	timestamp = {Wed, 14 Nov 2018 10:16:56 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/tosem/MonperrusM13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{13-ccs-misuse,
	author    = {Manuel Egele and
	David Brumley and
	Yanick Fratantonio and
	Christopher Kruegel},
	title     = {An empirical study of cryptographic misuse in android applications},
	booktitle = {2013 {ACM} {SIGSAC} Conference on Computer and Communications Security,
	CCS'13, Berlin, Germany, November 4-8, 2013},
	pages     = {73--84},
	year      = {2013},
	url       = {https://doi.org/10.1145/2508859.2516693},
	doi       = {10.1145/2508859.2516693},
	timestamp = {Tue, 06 Nov 2018 11:07:30 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/ccs/EgeleBFK13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{14-apsys-case,
	author    = {David Lazar and
	Haogang Chen and
	Xi Wang and
	Nickolai Zeldovich},
	title     = {Why does cryptographic software fail? a case study and open problems},
	booktitle = {Asia-Pacific Workshop on Systems, APSys'14, Beijing, China, June 25-26,
	2014},
	pages     = {7:1--7:7},
	year      = {2014},
	url       = {https://doi.org/10.1145/2637166.2637237},
	doi       = {10.1145/2637166.2637237},
	timestamp = {Tue, 06 Nov 2018 16:59:01 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/apsys/LazarCWZ14},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{15-icpc-api,
	author    = {Joshua Sunshine and
	James D. Herbsleb and
	Jonathan Aldrich},
	title     = {Searching the state space: a qualitative study of {API} protocol usability},
	booktitle = {Proceedings of the 2015 {IEEE} 23rd International Conference on Program
	Comprehension, {ICPC} 2015, Florence/Firenze, Italy, May 16-24, 2015},
	pages     = {82--93},
	year      = {2015},
	url       = {https://doi.org/10.1109/ICPC.2015.17},
	doi       = {10.1109/ICPC.2015.17},
	timestamp = {Mon, 22 May 2017 17:11:18 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/iwpc/SunshineHA15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-ase-spec,
	author    = {Owolabi Legunsen and
	Wajih Ul Hassan and
	Xinyue Xu and
	Grigore Rosu and
	Darko Marinov},
	title     = {How good are the specs? a study of the bug-finding effectiveness of
	existing Java {API} specifications},
	booktitle = {Proceedings of the 31st {IEEE/ACM} International Conference on Automated
	Software Engineering, {ASE} 2016, Singapore, September 3-7, 2016},
	pages     = {602--613},
	year      = {2016},
	url       = {https://doi.org/10.1145/2970276.2970356},
	doi       = {10.1145/2970276.2970356},
	timestamp = {Tue, 06 Nov 2018 16:58:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/kbse/LegunsenHXRM16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{09-icse-doc,
	author    = {Uri Dekel and
	James D. Herbsleb},
	title     = {Improving {API} documentation usability with knowledge pushing},
	booktitle = {31st International Conference on Software Engineering, {ICSE} 2009,
	May 16-24, 2009, Vancouver, Canada, Proceedings},
	pages     = {320--330},
	year      = {2009},
	url       = {https://doi.org/10.1109/ICSE.2009.5070532},
	doi       = {10.1109/ICSE.2009.5070532},
	timestamp = {Thu, 15 Jun 2017 21:42:44 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/DekelH09},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-icse-cry,
	author    = {Sarah Nadi and
	Stefan Kr{\"{u}}ger and
	Mira Mezini and
	Eric Bodden},
	title     = {Jumping through hoops: why do Java developers struggle with cryptography
	APIs?},
	booktitle = {Proceedings of the 38th International Conference on Software Engineering,
	{ICSE} 2016, Austin, TX, USA, May 14-22, 2016},
	pages     = {935--946},
	year      = {2016},
	url       = {https://doi.org/10.1145/2884781.2884790},
	doi       = {10.1145/2884781.2884790},
	timestamp = {Tue, 06 Nov 2018 11:06:56 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/NadiKMB16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-msr-mubench,
	author    = {Sven Amann and
	Sarah Nadi and
	Hoan Anh Nguyen and
	Tien N. Nguyen and
	Mira Mezini},
	title     = {MUBench: a benchmark for API-misuse detectors},
	booktitle = {Proceedings of the 13th International Conference on Mining Software
	Repositories, {MSR} 2016, Austin, TX, USA, May 14-22, 2016},
	pages     = {464--467},
	year      = {2016},
	url       = {https://doi.org/10.1145/2901739.2903506},
	doi       = {10.1145/2901739.2903506},
	timestamp = {Tue, 06 Nov 2018 16:57:14 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/msr/AmannNNNM16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{CVE-2015-0288,
	title =       {CVE-2015-0288},
	citedate =    {2019-02-18},
	url =         {https://www.cvedetails.com/cve/CVE-2015-0288/}
}

@online{openssl,
	title = {OpenSSL: cryptography and SSL/TLS toolkit.},
		citedate =    {2019-02-18},
	url = "{https://github.com/openssl/openssl}"
}

@article{ssl,
	author    = {Alfred C. Weaver},
	title     = {Secure Sockets Layer},
	journal   = {{IEEE} Computer},
	volume    = {39},
	number    = {4},
	pages     = {88--90},
	year      = {2006},
	url       = {https://doi.org/10.1109/MC.2006.138},
	doi       = {10.1109/MC.2006.138},
	timestamp = {Wed, 17 May 2017 10:56:45 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/computer/Weaver06a},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{15-ieee-doc-fail,
	author    = {Gias Uddin and
	Martin P. Robillard},
	title     = {How {API} Documentation Fails},
	journal   = {{IEEE} Software},
	volume    = {32},
	number    = {4},
	pages     = {68--75},
	year      = {2015},
	url       = {https://doi.org/10.1109/MS.2014.80},
	doi       = {10.1109/MS.2014.80},
	timestamp = {Thu, 18 May 2017 09:53:37 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/software/UddinR15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{17-icse-api-doc,
	author    = {Yu Zhou and
	Ruihang Gu and
	Taolue Chen and
	Zhiqiu Huang and
	Sebastiano Panichella and
	Harald C. Gall},
	title     = {Analyzing APIs documentation and code to detect directive defects},
	booktitle = {Proceedings of the 39th International Conference on Software Engineering,
	{ICSE} 2017, Buenos Aires, Argentina, May 20-28, 2017},
	pages     = {27--37},
	year      = {2017},
	url       = {https://doi.org/10.1109/ICSE.2017.11},
	doi       = {10.1109/ICSE.2017.11},
	timestamp = {Thu, 07 Sep 2017 09:27:12 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/ZhouGCHPG17},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-sp-stack,
	author    = {Yasemin Acar and
	Michael Backes and
	Sascha Fahl and
	Doowon Kim and
	Michelle L. Mazurek and
	Christian Stransky},
	title     = {You Get Where You're Looking for: The Impact of Information Sources
	on Code Security},
	booktitle = {{IEEE} Symposium on Security and Privacy, {SP} 2016, San Jose, CA,
	USA, May 22-26, 2016},
	pages     = {289--305},
	year      = {2016},
	url       = {https://doi.org/10.1109/SP.2016.25},
	doi       = {10.1109/SP.2016.25},
	timestamp = {Fri, 26 May 2017 00:50:06 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/sp/AcarBFKMS16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{stackoverflow,
	title =       {程序设计问答网站},
	citedate =    {2019-02-18},
	url =         {https://stackoverflow.com/},
}

@article{10-ieee-rsse,
	author    = {Martin P. Robillard and
	Robert J. Walker and
	Thomas Zimmermann},
	title     = {Recommendation Systems for Software Engineering},
	journal   = {{IEEE} Software},
	volume    = {27},
	number    = {4},
	pages     = {80--86},
	year      = {2010},
	url       = {https://doi.org/10.1109/MS.2009.161},
	doi       = {10.1109/MS.2009.161},
	timestamp = {Thu, 08 Jun 2017 09:06:57 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/software/RobillardWZ10},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{05-icse-rec,
	author    = {Reid Holmes and
	Gail C. Murphy},
	title     = {Using structural context to recommend source code examples},
	booktitle = {27th International Conference on Software Engineering {(ICSE} 2005),
	15-21 May 2005, St. Louis, Missouri, {USA}},
	pages     = {117--125},
	year      = {2005},
	url       = {https://doi.org/10.1145/1062455.1062491},
	doi       = {10.1145/1062455.1062491},
	timestamp = {Tue, 12 Feb 2019 15:51:45 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/HolmesM05},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-icse-doc-stack,
	author    = {Christoph Treude and
	Martin P. Robillard},
	title     = {Augmenting {API} documentation with insights from stack overflow},
	booktitle = {Proceedings of the 38th International Conference on Software Engineering,
	{ICSE} 2016, Austin, TX, USA, May 14-22, 2016},
	pages     = {392--403},
	year      = {2016},
	url       = {https://doi.org/10.1145/2884781.2884800},
	doi       = {10.1145/2884781.2884800},
	timestamp = {Tue, 06 Nov 2018 11:06:56 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/TreudeR16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{14-msr-stack,
	author    = {Luca Ponzanelli and
	Gabriele Bavota and
	Massimiliano Di Penta and
	Rocco Oliveto and
	Michele Lanza},
	title     = {Mining StackOverflow to turn the {IDE} into a self-confident programming
	prompter},
	booktitle = {11th Working Conference on Mining Software Repositories, {MSR} 2014,
	Proceedings, May 31 - June 1, 2014, Hyderabad, India},
	pages     = {102--111},
	year      = {2014},
	url       = {https://doi.org/10.1145/2597073.2597077},
	doi       = {10.1145/2597073.2597077},
	timestamp = {Tue, 06 Nov 2018 16:57:14 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/msr/PonzanelliBPOL14},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{15-tosem-code-cplt,
	author    = {Sebastian Proksch and
	Johannes Lerch and
	Mira Mezini},
	title     = {Intelligent Code Completion with Bayesian Networks},
	journal   = {{ACM} Trans. Softw. Eng. Methodol.},
	volume    = {25},
	number    = {1},
	pages     = {3:1--3:31},
	year      = {2015},
	url       = {https://doi.org/10.1145/2744200},
	doi       = {10.1145/2744200},
	timestamp = {Tue, 06 Nov 2018 12:51:20 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/tosem/ProkschLM15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{15-coufless-static-survey,
	author    = {Aur{\'{e}}lien Delaitre and
	Bertrand Stivalet and
	Elizabeth Fong and
	Vadim Okun},
	title     = {Evaluating Bug Finders - Test and Measurement of Static Code Analyzers},
	booktitle = {1st {IEEE/ACM} International Workshop on Complex Faults and Failures
	in Large Software Systems, {COUFLESS} 2015, Florence, Italy, May 23,
	2015},
	pages     = {14--20},
	year      = {2015},
	url       = {https://doi.org/10.1109/COUFLESS.2015.10},
	doi       = {10.1109/COUFLESS.2015.10},
	timestamp = {Tue, 23 May 2017 01:11:51 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/DelaitreSFO15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@ARTICLE{survey18, 
	author={S. Amann and H. A. Nguyen and S. Nadi and T. N. Nguyen and M. Mezini}, 
	journal={IEEE Transactions on Software Engineering}, 
	title={A Systematic Evaluation of Static API-Misuse Detectors}, 
	year={2018},
	pages={1-1 (Early Access)}
}

@inproceedings{18-icse-saful,
	author    = {Mingzhe Wang and
	Jie Liang and
	Yuanliang Chen and
	Yu Jiang and
	Xun Jiao and
	Han Liu and
	Xibin Zhao and
	Jiaguang Sun},
	title     = {{SAFL:} increasing and accelerating testing coverage with symbolic
	execution and guided fuzzing},
	booktitle = {Proceedings of the 40th International Conference on Software Engineering:
	Companion Proceeedings, {ICSE} 2018, Gothenburg, Sweden, May 27 -
	June 03, 2018},
	pages     = {61--64},
	year      = {2018},
	url       = {https://doi.org/10.1145/3183440.3183494},
	doi       = {10.1145/3183440.3183494},
	timestamp = {Wed, 21 Nov 2018 12:43:59 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/WangLC0JLZS18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{05-icse-static,
	author    = {Nachiappan Nagappan and
	Thomas Ball},
	title     = {Static analysis tools as early indicators of pre-release defect density},
	booktitle = {27th International Conference on Software Engineering {(ICSE} 2005),
	15-21 May 2005, St. Louis, Missouri, {USA}},
	pages     = {580--586},
	year      = {2005},
	url       = {https://doi.org/10.1145/1062455.1062558},
	doi       = {10.1145/1062455.1062558},
	timestamp = {Tue, 12 Feb 2019 15:51:45 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/NagappanB05a},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{18-icse-stack,
	author    = {Tianyi Zhang and
	Ganesha Upadhyaya and
	Anastasia Reinhardt and
	Hridesh Rajan and
	Miryung Kim},
	title     = {Are code examples on an online Q{\&}A forum reliable?: a study
	of {API} misuse on stack overflow},
	booktitle = {Proceedings of the 40th International Conference on Software Engineering,
	{ICSE} 2018, Gothenburg, Sweden, May 27 - June 03, 2018},
	pages     = {886--896},
	year      = {2018},
	url       = {https://doi.org/10.1145/3180155.3180260},
	doi       = {10.1145/3180155.3180260},
	timestamp = {Wed, 21 Nov 2018 12:43:58 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/0001URRK18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{18-soups-api-blind,
	author    = {Daniela Seabra Oliveira and
	Tian Lin and
	Muhammad Sajidur Rahman and
	Rad Akefirad and
	Donovan Ellis and
	Eliany Perez and
	Rahul Bobhate and
	Lois DeLong and
	Justin Cappos and
	Yuriy Brun},
	title     = {{API} Blindspots: Why Experienced Developers Write Vulnerable Code},
	booktitle = {Fourteenth Symposium on Usable Privacy and Security, {SOUPS} 2018,
	Baltimore, MD, USA, August 12-14, 2018.},
	pages     = {315--328},
	year      = {2018},
	url       = {https://www.usenix.org/conference/soups2018/presentation/oliveira},
	timestamp = {Mon, 20 Aug 2018 14:02:13 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/soups/OliveiraLRAEPBD18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{10-acm-precision,
	author    = {Al Bessey and
	Ken Block and
	Benjamin Chelf and
	Andy Chou and
	Bryan Fulton and
	Seth Hallem and
	Charles{-}Henri Gros and
	Asya Kamsky and
	Scott McPeak and
	Dawson R. Engler},
	title     = {A few billion lines of code later: using static analysis to find bugs
	in the real world},
	journal   = {Commun. {ACM}},
	volume    = {53},
	number    = {2},
	pages     = {66--75},
	year      = {2010},
	url       = {https://doi.org/10.1145/1646353.1646374},
	doi       = {10.1145/1646353.1646374},
	timestamp = {Tue, 06 Nov 2018 12:51:41 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/cacm/BesseyBCCFHHKME10},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{13-icse-donotuse,
	author    = {Brittany Johnson and
	Yoonki Song and
	Emerson R. Murphy{-}Hill and
	Robert W. Bowdidge},
	title     = {Why don't software developers use static analysis tools to find bugs?},
	booktitle = {35th International Conference on Software Engineering, {ICSE} '13,
	San Francisco, CA, USA, May 18-26, 2013},
	pages     = {672--681},
	year      = {2013},
	url       = {https://doi.org/10.1109/ICSE.2013.6606613},
	doi       = {10.1109/ICSE.2013.6606613},
	timestamp = {Tue, 23 May 2017 01:11:49 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/JohnsonSMB13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{code-review,
	title =       {代码审查},
	citedate =    {2019-02-18},
	url =         {https://en.wikipedia.org/wiki/Code\_review},
}

@online{github,
	title =       {Github},
	citedate =    {2019-02-18},
	url =         {https://github.com/about},
}

@online{bitbucket,
	title =       {Bitbucket},
	citedate =    {2019-02-18},
	url =         {https://bitbucket.org/},
}

@inproceedings{17-profes-code-review,
	author    = {Tobias Baum and
	Hendrik Le{\ss}mann and
	Kurt Schneider},
	title     = {The Choice of Code Review Process: {A} Survey on the State of the
	Practice},
	booktitle = {Product-Focused Software Process Improvement - 18th International
	Conference, {PROFES} 2017, Innsbruck, Austria, November 29 - December
	1, 2017, Proceedings},
	pages     = {111--127},
	year      = {2017},
	url       = {https://doi.org/10.1007/978-3-319-69926-4\_9},
	doi       = {10.1007/978-3-319-69926-4\_9},
	timestamp = {Fri, 25 Jan 2019 12:00:39 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/profes/BaumLS17},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{13-icse-code-review,
	author    = {Alberto Bacchelli and
	Christian Bird},
	title     = {Expectations, outcomes, and challenges of modern code review},
	booktitle = {35th International Conference on Software Engineering, {ICSE} '13,
	San Francisco, CA, USA, May 18-26, 2013},
	pages     = {712--721},
	year      = {2013},
	url       = {https://doi.org/10.1109/ICSE.2013.6606617},
	doi       = {10.1109/ICSE.2013.6606617},
	timestamp = {Sun, 04 Jun 2017 10:09:52 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/BacchelliB13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{08-code-review,
	title={Measuring defect potentials and defect removal efficiency},
	author={Jones, Caper},
	journal={CrossTalk The Journal of Defense Software Engineering},
	volume={21},
	number={6},
	pages={11--13},
	year={2008},
	publisher={Citeseer}
}

@inproceedings{13-esem-code-review,
	author    = {Amiangshu Bosu and
	Jeffrey C. Carver},
	title     = {Impact of Peer Code Review on Peer Impression Formation: {A} Survey},
	booktitle = {2013 {ACM} / {IEEE} International Symposium on Empirical Software
	Engineering and Measurement, Baltimore, Maryland, USA, October 10-11,
	2013},
	pages     = {133--142},
	year      = {2013},
	url       = {https://doi.org/10.1109/ESEM.2013.23},
	doi       = {10.1109/ESEM.2013.23},
	timestamp = {Fri, 02 Jun 2017 20:47:17 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/esem/BosuC13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{15-icse-code-review,
	author    = {Jacek Czerwonka and
	Michaela Greiler and
	Jack Tilford},
	title     = {Code Reviews Do Not Find Bugs. How the Current Code Review Best Practice
	Slows Us Down},
	booktitle = {37th {IEEE/ACM} International Conference on Software Engineering,
	{ICSE} 2015, Florence, Italy, May 16-24, 2015, Volume 2},
	pages     = {27--28},
	year      = {2015},
	url       = {https://doi.org/10.1109/ICSE.2015.131},
	doi       = {10.1109/ICSE.2015.131},
	timestamp = {Tue, 23 May 2017 01:11:51 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/CzerwonkaGT15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@book{15-pa,
	author    = {Flemming Nielson and
	Hanne Riis Nielson and
	Chris Hankin},
	title     = {Principles of program analysis},
	publisher = {Springer},
	year      = {1999},
	url       = {https://doi.org/10.1007/978-3-662-03811-6},
	doi       = {10.1007/978-3-662-03811-6},
	isbn      = {978-3-540-65410-0},
	timestamp = {Tue, 16 May 2017 14:01:34 +0200},
	biburl    = {https://dblp.org/rec/bib/books/daglib/0098888},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{17-trustcom-test,
	author    = {Jin Li and
	Jinfu Chen and
	Minhuan Huang and
	Minmin Zhou and
	Lin Zhang and
	Wanggen Xie},
	title     = {An Integration Testing Platform for Software Vulnerability Detection
	Method},
	booktitle = {2017 {IEEE} Trustcom/BigDataSE/ICESS, Sydney, Australia, August 1-4,
	2017},
	pages     = {984--989},
	year      = {2017},
	url       = {https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.341},
	doi       = {10.1109/Trustcom/BigDataSE/ICESS.2017.341},
	timestamp = {Fri, 22 Feb 2019 12:38:49 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/trustcom/LiCHZZX17},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@incollection{18-rv,
	author    = {Ezio Bartocci and
	Yli{\`{e}}s Falcone and
	Adrian Francalanza and
	Giles Reger},
	title     = {Introduction to Runtime Verification},
	booktitle = {Lectures on Runtime Verification - Introductory and Advanced Topics},
	pages     = {1--33},
	year      = {2018},
	url       = {https://doi.org/10.1007/978-3-319-75632-5\_1},
	doi       = {10.1007/978-3-319-75632-5\_1},
	timestamp = {Fri, 02 Nov 2018 09:27:01 +0100},
	biburl    = {https://dblp.org/rec/bib/series/lncs/BartocciFFR18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{07-acm-valgrind,
	author    = {Nicholas Nethercote and
	Julian Seward},
	title     = {Valgrind: a framework for heavyweight dynamic binary instrumentation},
	booktitle = {Proceedings of the {ACM} {SIGPLAN} 2007 Conference on Programming
	Language Design and Implementation, San Diego, California, USA, June
	10-13, 2007},
	pages     = {89--100},
	year      = {2007},
	url       = {https://doi.org/10.1145/1250734.1250746},
	doi       = {10.1145/1250734.1250746},
	timestamp = {Tue, 06 Nov 2018 16:59:30 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/pldi/NethercoteS07},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}


@inproceedings{12-atc-AddressSanitizer,
	author    = {Konstantin Serebryany and
	Derek Bruening and
	Alexander Potapenko and
	Dmitriy Vyukov},
	title     = {AddressSanitizer: {A} Fast Address Sanity Checker},
	booktitle = {2012 {USENIX} Annual Technical Conference, Boston, MA, USA, June 13-15,
	2012},
	pages     = {309--318},
	year      = {2012},
	url       = {https://www.usenix.org/conference/atc12/technical-sessions/presentation/serebryany},
	timestamp = {Wed, 04 Jul 2018 13:06:34 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/usenix/SerebryanyBPV12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}



@online{clang,
	title =       {Clang: a C language family frontend for LLVM},
	citedate =    {2019-02-18},
	url =         {https://clang.llvm.org/},
}

@online{gcc,
	title =       {GCC: the GNU Compiler Collection},
	citedate =    {2019-02-18},
	url =         {https://gcc.gnu.org/},
}

@online{xcode,
	title =       {Xcode: an integrated development environment (IDE) for macOS},
	citedate =    {2019-02-18},
	url =         {https://developer.apple.com/xcode/},
}

@online{AddressSanitizerFoundBugs,
	title =       {Bugs detected by AddressSanitizer},
	citedate =    {2019-02-18},
	url =         {https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs},
}
@inproceedings{18-saner-fuzz,
	author    = {Jie Liang and
	Mingzhe Wang and
	Yuanliang Chen and
	Yu Jiang and
	Renwei Zhang},
	title     = {Fuzz testing in practice: Obstacles and solutions},
	booktitle = {25th International Conference on Software Analysis, Evolution and
	Reengineering, {SANER} 2018, Campobasso, Italy, March 20-23, 2018},
	pages     = {562--566},
	year      = {2018},
	url       = {https://doi.org/10.1109/SANER.2018.8330260},
	doi       = {10.1109/SANER.2018.8330260},
	timestamp = {Fri, 11 May 2018 12:42:29 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/wcre/LiangWCJZ18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{18-fuzz,
	title={Fuzzing: A survey},
	author={Li, Jun and Zhao, Bodong and Zhang, Chao},
	journal={Cybersecurity},
	volume={1},
	number={1},
	pages={6},
	year={2018},
	publisher={Springer}
}


@article{15-kernel-sv,
	author    = {Ilja S. Zakharov and
	Mikhail U. Mandrykin and
	Vadim S. Mutilin and
	Evgeny Novikov and
	Alexander K. Petrenko and
	Alexey V. Khoroshilov},
	title     = {Configurable toolset for static verification of operating systems
	kernel modules},
	journal   = {Programming and Computer Software},
	volume    = {41},
	number    = {1},
	pages     = {49--64},
	year      = {2015},
	url       = {https://doi.org/10.1134/S0361768815010065},
	doi       = {10.1134/S0361768815010065},
	timestamp = {Sat, 16 Sep 2017 12:04:03 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/pcs/ZakharovMMNPK15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{08-ieee-static,
	title={Using static analysis to find bugs},
	author={Ayewah, Nathaniel and Hovemeyer, David and Morgenthaler, J David and Penix, John and Pugh, William},
	journal={IEEE software},
	volume={25},
	number={5},
	pages={22--29},
	year={2008},
	publisher={IEEE}
}

@article{08-tcad-sv,
	title={A survey of automated techniques for formal software verification},
	author={D'silva, Vijay and Kroening, Daniel and Weissenbacher, Georg},
	journal={IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems},
	volume={27},
	number={7},
	pages={1165--1178},
	year={2008},
	publisher={IEEE}
}

@article{rp,
	title={Program analysis via graph reachability},
	author={Reps, Thomas},
	journal={Information and software technology},
	volume={40},
	number={11-12},
	pages={701--726},
	year={1998},
	publisher={Elsevier}
}

@online{slam,
	title =       {SLAM: a project for checking that software satisfies critical behavioral properties of the interfaces.},
	citedate =    {2019-02-18},
	url =         {https://www.microsoft.com/en-us/research/project/slam/},
}


@inproceedings{02-acm-slam,
	title={The SLAM project: debugging system software via static analysis},
	author={Ball, Thomas and Rajamani, Sriram K},
	booktitle={ACM SIGPLAN Notices},
	volume={37},
	number={1},
	pages={1--3},
	year={2002},
	organization={ACM},
	url       = {https://doi.org/10.1145/503272.503274}
}

@inproceedings{00-cav-counter,
	title={Counterexample-guided abstraction refinement},
	author={Clarke, Edmund and Grumberg, Orna and Jha, Somesh and Lu, Yuan and Veith, Helmut},
	booktitle={International Conference on Computer Aided Verification},
	pages={154--169},
	year={2000},
	organization={Springer},
	url       = {https://doi.org/10.1007/10722167\_15},
	doi       = {10.1007/10722167\_15},
}

@article{02-acm-abs,
	title={Lazy abstraction},
	author={Henzinger, Thomas A and Jhala, Ranjit and Majumdar, Rupak and Sutre, Gr{\'e}goire},
	journal={ACM SIGPLAN Notices},
	volume={37},
	number={1},
	pages={58--70},
	year={2002},
	publisher={ACM},
	url       = {https://doi.org/10.1145/503272.503279},
	doi       = {10.1145/503272.503279},
}

@article{11-acm-slam,
	title={A decade of software model checking with SLAM},
	author={Ball, Thomas and Levin, Vladimir and Rajamani, Sriram K},
	journal={Communications of the ACM},
	volume={54},
	number={7},
	pages={68--76},
	year={2011},
	publisher={Citeseer},
	url       = {https://doi.org/10.1145/1965724.1965743},
	doi       = {10.1145/1965724.1965743}
}

@inproceedings{10-cad-slam,
	title={SLAM2: Static driver verification with under 4\% false alarms},
	author={Ball, Thomas and Bounimova, Ella and Kumar, Rahul and Levin, Vladimir},
	booktitle={Proceedings of the 2010 Conference on Formal Methods in Computer-Aided Design},
	pages={35--42},
	year={2010},
	organization={FMCAD Inc},
	url       = {http://ieeexplore.ieee.org/document/5770931/}
}
@TechReport{01-slic,
	author = {Ball, Tom and Rajamani, Sriram},
	title = {SLIC: A Specification Language for Interface Checking (of C)},
	year = {2002},
	month = {January},
	url = {https://www.microsoft.com/en-us/research/publication/slic-a-specification-language-for-interface-checking-of-c/},
	pages = {1-12},
}


@inproceedings{07-cav-cpachecker,
	title={Configurable software verification: Concretizing the convergence of model checking and program analysis},
	author={Beyer, Dirk and Henzinger, Thomas A and Th{\'e}oduloz, Gr{\'e}gory},
	booktitle={International Conference on Computer Aided Verification},
	pages={504--518},
	year={2007},
	organization={Springer},
	url       = {https://doi.org/10.1007/978-3-540-73368-3\_51},
	doi       = {10.1007/978-3-540-73368-3\_51}
}

@inproceedings{14-tacas-cbmc,
	author    = {Daniel Kroening and
	Michael Tautschnig},
	title     = {{CBMC} - {C} Bounded Model Checker - (Competition Contribution)},
	booktitle = {Tools and Algorithms for the Construction and Analysis of Systems
	- 20th International Conference, {TACAS} 2014, Held as Part of the
	European Joint Conferences on Theory and Practice of Software, {ETAPS}
	2014, Grenoble, France, April 5-13, 2014. Proceedings},
	pages     = {389--391},
	year      = {2014},
	url       = {https://doi.org/10.1007/978-3-642-54862-8\_26},
	doi       = {10.1007/978-3-642-54862-8\_26},
	timestamp = {Tue, 26 Jun 2018 14:11:56 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/tacas/KroeningT14},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{14-cav-smack,
	author    = {Zvonimir Rakamaric and
	Michael Emmi},
	title     = {{SMACK:} Decoupling Source Language Details from Verifier Implementations},
	booktitle = {Computer Aided Verification - 26th International Conference, {CAV}
	2014, Held as Part of the Vienna Summer of Logic, {VSL} 2014, Vienna,
	Austria, July 18-22, 2014. Proceedings},
	pages     = {106--113},
	year      = {2014},
	url       = {https://doi.org/10.1007/978-3-319-08867-9\_7},
	doi       = {10.1007/978-3-319-08867-9\_7},
	timestamp = {Wed, 03 Oct 2018 12:55:01 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/cav/RakamaricE14},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{07-ase-ddverify,
	author    = {Thomas Witkowski and
	Nicolas Blanc and
	Daniel Kroening and
	Georg Weissenbacher},
	editor    = {R. E. Kurt Stirewalt and
	Alexander Egyed and
	Bernd Fischer},
	title     = {Model checking concurrent linux device drivers},
	booktitle = {22nd {IEEE/ACM} International Conference on Automated Software Engineering
	{(ASE} 2007), November 5-9, 2007, Atlanta, Georgia, {USA}},
	pages     = {501--504},
	publisher = {{ACM}},
	year      = {2007},
	url       = {https://doi.org/10.1145/1321631.1321719},
	doi       = {10.1145/1321631.1321719},
	timestamp = {Tue, 06 Nov 2018 16:58:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/kbse/WitkowskiBKW07},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{09-avinux,
	author    = {Hendrik Post and
	Carsten Sinz and
	Wolfgang K{\"{u}}chlin},
	title     = {Towards automatic software model checking of thousands of Linux modules
	- a case study with Avinux},
	journal   = {Softw. Test., Verif. Reliab.},
	volume    = {19},
	number    = {2},
	pages     = {155--172},
	year      = {2009},
	url       = {https://doi.org/10.1002/stvr.399},
	doi       = {10.1002/stvr.399},
	timestamp = {Sun, 28 May 2017 13:23:53 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/stvr/PostSK09},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{blast,
author    = {Dirk Beyer and
Adam Chlipala and
Thomas A. Henzinger and
Ranjit Jhala and
Rupak Majumdar},
editor    = {Roberto Giacobazzi},
title     = {The Blast Query Language for Software Verification.},
booktitle = {Static Analysis, 11th International Symposium, {SAS} 2004, Verona,
Italy, August 26-28, 2004, Proceedings},
series    = {Lecture Notes in Computer Science},
volume    = {3148},
pages     = {2--18},
publisher = {Springer},
year      = {2004},
url       = {https://doi.org/10.1007/978-3-540-27864-1\_2},
doi       = {10.1007/978-3-540-27864-1\_2},
timestamp = {Tue, 30 May 2017 12:57:44 +0200},
biburl    = {https://dblp.org/rec/bib/conf/sas/BeyerCHJM04},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

@misc{acsl,
	title={ACSL: ANSI C Specification Language},
	author={Baudin, Patrick and Filli{\^a}tre, Jean-Christophe and March{\'e}, Claude and Monate, Benjamin and Moy, Yannick and Prevosto, Virgile},
	year={2008},
	url="https://frama-c.com/download/acsl_1.4.pdf"
}

@article{06-cost,
	title={Defect prevention: reducing costs and enhancing quality},
	author={Soni, Mukesh},
	journal={iSixSigma. com},
	volume={19},
	year={2006},
	url="https://www.isixsigma.com/tools-templates/software/defect-prevention-reducing-costs-and-enhancing-quality/"
}

@inproceedings{00-osdi-npd,
	author    = {Dawson R. Engler and
	Benjamin Chelf and
	Andy Chou and
	Seth Hallem},
	editor    = {Michael B. Jones and
	M. Frans Kaashoek},
	title     = {Checking System Rules Using System-Specific, Programmer-Written Compiler
	Extensions},
	booktitle = {4th Symposium on Operating System Design and Implementation {(OSDI}
	2000), San Diego, California, USA, October 23-25, 2000},
	pages     = {1--16},
	publisher = {{USENIX} Association},
	year      = {2000},
	url       = {http://dl.acm.org/citation.cfm?id=1251230},
	timestamp = {Wed, 04 Jul 2018 13:06:35 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/osdi/EnglerCCH00},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}



@inproceedings{09-dsn-linux,
	author    = {Julia L. Lawall and
	Julien Brunel and
	Nicolas Palix and
	Ren{\'{e}} Rydhof Hansen and
	Henrik Stuart and
	Gilles Muller},
	title     = {{WYSIWIB:} {A} declarative approach to finding {API} protocols and
	bugs in Linux code},
	booktitle = {Proceedings of the 2009 {IEEE/IFIP} International Conference on Dependable
	Systems and Networks, {DSN} 2009, Estoril, Lisbon, Portugal, June
	29 - July 2, 2009},
	pages     = {43--52},
	publisher = {{IEEE} Computer Society},
	year      = {2009},
	url       = {https://doi.org/10.1109/DSN.2009.5270354},
	doi       = {10.1109/DSN.2009.5270354},
	timestamp = {Thu, 07 Feb 2019 16:03:10 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/dsn/LawallBPHSM09},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{wiki-static-tool,
	title =       {List of tools for static code analysis.},
	citedate =    {2019-02-18},
	url =         {https://en.wikipedia.org/wiki/List\_of\_tools\_for\_static\_code\_analysis},
}

@online{clang-sa,
	title =       {Clang Static Analyzer.},
	citedate =    {2019-02-18},
	url =         {http://clang-analyzer.llvm.org/},
}

@online{cppcheck,
	title =       {Cppcheck: a tool for static C/C++ code analysis.},
	citedate =    {2019-02-18},
	url =         {http://cppcheck.sourceforge.net/},
}

@online{infer,
	title =       {Infer: A tool to detect bugs in Java and C/C++/Objective-C code before it ships.},
	citedate =    {2019-02-18},
	url =         {https://fbinfer.com/},
}

@online{sparse,
	title =       {Sparse: a tool for static code analysis that helps kernel developers to detect coding errors.},
	citedate =    {2019-02-18},
	url =         {https://kernelnewbies.org/Sparse},
}


@online{splint,
	title =       {Splint: a tool for statically checking C programs for coding errors and security vulnerabilities.},
	citedate =    {2019-02-18},
	url =         {https://sourceforge.net/projects/splint/},
}

@inproceedings{15-sp-sslint,
	author    = {Boyuan He and
	Vaibhav Rastogi and
	Yinzhi Cao and
	Yan Chen and
	V. N. Venkatakrishnan and
	Runqing Yang and
	Zhenrui Zhang},
	title     = {Vetting {SSL} Usage in Applications with {SSLINT}},
	booktitle = {2015 {IEEE} Symposium on Security and Privacy, {SP} 2015, San Jose,
	CA, USA, May 17-21, 2015},
	pages     = {519--534},
	publisher = {{IEEE} Computer Society},
	year      = {2015},
	url       = {https://doi.org/10.1109/SP.2015.38},
	doi       = {10.1109/SP.2015.38},
	timestamp = {Fri, 20 Oct 2017 12:19:26 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/sp/HeRCCVYZ15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{llvm,
	title =       {The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.},
	citedate =    {2019-02-18},
	url =         {http://llvm.org/},
}

@article{13-acm-se,
	title={Symbolic execution for software testing: three decades later.},
	author={Cadar, Cristian and Sen, Koushik},
	journal={Commun. ACM},
	volume={56},
	number={2},
	pages={82--90},
	year={2013}
}

@article{13survey,
	author    = {Martin P. Robillard and
	Eric Bodden and
	David Kawrykow and
	Mira Mezini and
	Tristan Ratchford},
	title     = {Automated {API} Property Inference Techniques},
	journal   = {{IEEE} Trans. Software Eng.},
	volume    = {39},
	number    = {5},
	pages     = {613--637},
	year      = {2013},
	url       = {https://doi.org/10.1109/TSE.2012.63},
	doi       = {10.1109/TSE.2012.63},
	timestamp = {Fri, 02 Nov 2018 09:33:03 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/tse/RobillardBKMR13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{01-sosp-mining,
	author    = {Dawson R. Engler and
	David Yu Chen and
	Andy Chou},
	title     = {Bugs as Inconsistent Behavior: {A} General Approach to Inferring Errors
	in Systems Code},
	booktitle = {Proceedings of the 18th {ACM} Symposium on Operating System Principles,
	{SOSP} 2001, Chateau Lake Louise, Banff, Alberta, Canada, October
	21-24, 2001},
	pages     = {57--72},
	year      = {2001},
	url       = {https://doi.org/10.1145/502034.502041},
	doi       = {10.1145/502034.502041},
	timestamp = {Tue, 06 Nov 2018 16:59:32 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sosp/EnglerCC01},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{03-fimi-frequent,
	author    = {G{\"{o}}sta Grahne and
	Jianfei Zhu},
	editor    = {Bart Goethals and
	Mohammed Javeed Zaki},
	title     = {Efficiently Using Prefix-trees in Mining Frequent Itemsets},
	booktitle = {{FIMI} '03, Frequent Itemset Mining Implementations, Proceedings of
	the {ICDM} 2003 Workshop on Frequent Itemset Mining Implementations,
	19 December 2003, Melbourne, Florida, {USA}},
	series    = {{CEUR} Workshop Proceedings},
	volume    = {90},
	publisher = {CEUR-WS.org},
	year      = {2003},
	url       = {http://ceur-ws.org/Vol-90/grahne.pdf},
	timestamp = {Mon, 30 May 2016 15:43:43 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/fimi/GrahneZ03},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{05-fse-prminer,
	author    = {Zhenmin Li and
	Yuanyuan Zhou},
	title     = {PR-Miner: automatically extracting implicit programming rules and
	detecting violations in large software code},
	booktitle = {Proceedings of the 10th European Software Engineering Conference held
	jointly with 13th {ACM} {SIGSOFT} International Symposium on Foundations
	of Software Engineering, 2005, Lisbon, Portugal, September 5-9, 2005},
	pages     = {306--315},
	year      = {2005},
	url       = {https://doi.org/10.1145/1081706.1081755},
	doi       = {10.1145/1081706.1081755},
	timestamp = {Tue, 06 Nov 2018 16:59:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigsoft/LiZ05},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{15-tosem-boa,
	author    = {Robert Dyer and
	Hoan Anh Nguyen and
	Hridesh Rajan and
	Tien N. Nguyen},
	title     = {Boa: Ultra-Large-Scale Software Repository and Source-Code Mining},
	journal   = {{ACM} Trans. Softw. Eng. Methodol.},
	volume    = {25},
	number    = {1},
	pages     = {7:1--7:34},
	year      = {2015},
	url       = {https://doi.org/10.1145/2803171},
	doi       = {10.1145/2803171},
	timestamp = {Tue, 06 Nov 2018 12:51:20 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/tosem/0001NRN15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}



@inproceedings{07-fse-temporal,
	author    = {Andrzej Wasylkowski and
	Andreas Zeller and
	Christian Lindig},
	title     = {Detecting object usage anomalies},
	booktitle = {Proceedings of the 6th joint meeting of the European Software Engineering
	Conference and the {ACM} {SIGSOFT} International Symposium on Foundations
	of Software Engineering, 2007, Dubrovnik, Croatia, September 3-7,
	2007},
	pages     = {35--44},
	year      = {2007},
	url       = {https://doi.org/10.1145/1287624.1287632},
	doi       = {10.1145/1287624.1287632},
	timestamp = {Tue, 06 Nov 2018 16:59:22 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigsoft/WasylkowskiZL07},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{09-ase-sequence,
	author    = {Suresh Thummalapenta and
	Tao Xie},
	title     = {Alattin: Mining Alternative Patterns for Detecting Neglected Conditions},
	booktitle = {{ASE} 2009, 24th {IEEE/ACM} International Conference on Automated
	Software Engineering, Auckland, New Zealand, November 16-20, 2009},
	pages     = {283--294},
	publisher = {{IEEE} Computer Society},
	year      = {2009},
	url       = {https://doi.org/10.1109/ASE.2009.72},
	doi       = {10.1109/ASE.2009.72},
	timestamp = {Fri, 06 Oct 2017 17:24:21 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/kbse/ThummalapentaX09},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{14-fse-pre,
author    = {Hoan Anh Nguyen and
Robert Dyer and
Tien N. Nguyen and
Hridesh Rajan},
editor    = {Shing{-}Chi Cheung and
Alessandro Orso and
Margaret{-}Anne D. Storey},
title     = {Mining preconditions of APIs in large-scale code corpus},
booktitle = {Proceedings of the 22nd {ACM} {SIGSOFT} International Symposium on
Foundations of Software Engineering, (FSE-22), Hong Kong, China, November
16 - 22, 2014},
pages     = {166--177},
publisher = {{ACM}},
year      = {2014},
url       = {https://doi.org/10.1145/2635868.2635924},
doi       = {10.1145/2635868.2635924},
timestamp = {Tue, 06 Nov 2018 16:59:23 +0100},
biburl    = {https://dblp.org/rec/bib/conf/sigsoft/Nguyen0NR14},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-ase-apex,
	author    = {Yuan Jochen Kang and
	Baishakhi Ray and
	Suman Jana},
	editor    = {David Lo and
	Sven Apel and
	Sarfraz Khurshid},
	title     = {APEx: automated inference of error specifications for {C} APIs},
	booktitle = {Proceedings of the 31st {IEEE/ACM} International Conference on Automated
	Software Engineering, {ASE} 2016, Singapore, September 3-7, 2016},
	pages     = {472--482},
	publisher = {{ACM}},
	year      = {2016},
	url       = {https://doi.org/10.1145/2970276.2970354},
	doi       = {10.1145/2970276.2970354},
	timestamp = {Tue, 06 Nov 2018 16:58:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/kbse/KangRJ16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-sec-apisan,
	author    = {Insu Yun and
	Changwoo Min and
	Xujie Si and
	Yeongjin Jang and
	Taesoo Kim and
	Mayur Naik},
	editor    = {Thorsten Holz and
	Stefan Savage},
	title     = {APISan: Sanitizing {API} Usages through Semantic Cross-Checking},
	booktitle = {25th {USENIX} Security Symposium, {USENIX} Security 16, Austin, TX,
	USA, August 10-12, 2016.},
	pages     = {363--378},
	publisher = {{USENIX} Association},
	year      = {2016},
	url       = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/yun},
	timestamp = {Mon, 05 Sep 2016 15:43:05 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/uss/YunMSJKN16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-icse-antminer,
	author    = {Bin Liang and
	Pan Bian and
	Yan Zhang and
	Wenchang Shi and
	Wei You and
	Yan Cai},
	editor    = {Laura K. Dillon and
	Willem Visser and
	Laurie Williams},
	title     = {AntMiner: mining more bugs by reducing noise interference},
	booktitle = {Proceedings of the 38th International Conference on Software Engineering,
	{ICSE} 2016, Austin, TX, USA, May 14-22, 2016},
	pages     = {333--344},
	publisher = {{ACM}},
	year      = {2016},
	url       = {https://doi.org/10.1145/2884781.2884870},
	doi       = {10.1145/2884781.2884870},
	timestamp = {Tue, 06 Nov 2018 11:06:56 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/icse/LiangBZSYC16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{19-icse-imchecker,
	author    = {Zuxing Gu and
	Jiecheng Wu and
	Chi Li and Min Zhou and Yu Jiang and Ming Gu and Jiaguang Sun
	},
	title     = {Vetting API Usages in C Programs with IMChecker},
	booktitle = {41th International Conference on Software Engineering, {ICSE} '19,
	Montreal, QC, Canada, May 25-31, 2019},
	pages={1-1 (Early Access)},
	year      = {2019},
	url = "http://tomgu1991.github.io/blog/Research/ICSE-Demo-592.pdf"
}

@inproceedings{19-tase-imspec,
	author    = {Zuxing Gu and
	Min Zhou and Jiecheng Wu and 
	Yu Jiang and Jiaxiang Liu and Ming Gu
	},
	title     = {An Extensible Approach to Exploring the Incorrect Usage of APIs},
	booktitle = { The 13th International Symposium on Theoretical Aspects of Software Engineering, Guilin, China, 29 July - 1 August, 2019},
	pages={1-1 (Early Access)},
	year      = {2019},
	url = "https://tomgu1991.github.io/blog/Research/tase19-paper16.pdf"
}

@inproceedings{19-compsac-empirical,
	author    = {Zuxing Gu and
	Jiecheng Wu and
	Jiaxiang Liu and Min Zhou and Ming Gu
	},
	title     = {An Empirical Study on API-Misuse Bugs in Open-Source C Programs},
	booktitle = { {COMPSAC} 2019,	Milwaukee, Wisconsin, USA, July 15-19, 2019},
	pages={1-1 (Early Access)},
	year      = {2019},
	url = "https://tomgu1991.github.io/blog/Research/compsac19-paper15.pdf"
}

@online{juliet,
	title =       {Juliet Test Suite.},
	citedate =    {2019-02-18},
	url =         {https://samate.nist.gov/SRD/testsuite.php},
}

@article{survey12,
	author    = {John Hatcliff and
	Gary T. Leavens and
	K. Rustan M. Leino and
	Peter M{\"{u}}ller and
	Matthew J. Parkinson},
	title     = {Behavioral interface specification languages},
	journal   = {{ACM} Comput. Surv.},
	volume    = {44},
	number    = {3},
	pages     = {16:1--16:58},
	year      = {2012},
	url       = {https://doi.org/10.1145/2187671.2187678},
	doi       = {10.1145/2187671.2187678},
	timestamp = {Tue, 06 Nov 2018 12:50:47 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/csur/HatcliffLLMP12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{92-ieee-contract,
	author    = {Bertrand Meyer},
	title     = {Applying "Design by Contract"},
	journal   = {{IEEE} Computer},
	volume    = {25},
	number    = {10},
	pages     = {40--51},
	year      = {1992},
	url       = {https://doi.org/10.1109/2.161279},
	doi       = {10.1109/2.161279},
	timestamp = {Mon, 30 Oct 2017 11:35:06 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/computer/Meyer92},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{17-tse-survey,
	title={An empirical study on API usages},
	author={Zhong, Hao and Mei, Hong},
	journal={IEEE Transactions on Software Engineering},
	year={2017},
	publisher={IEEE},
	url="http://ieeexplore.ieee.org/document/8186224/"
}

@inproceedings{12-fse-parallel,
	author    = {Semih Okur and
	Danny Dig},
	title     = {How do developers use parallel libraries?},
	booktitle = {20th {ACM} {SIGSOFT} Symposium on the Foundations of Software Engineering
	(FSE-20), SIGSOFT/FSE'12, Cary, NC, {USA} - November 11 - 16, 2012},
	pages     = {54},
	year      = {2012},
	url       = {https://doi.org/10.1145/2393596.2393660},
	doi       = {10.1145/2393596.2393660},
	timestamp = {Tue, 06 Nov 2018 16:59:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigsoft/OkurD12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{12-fse-deprecation,
	author    = {Romain Robbes and
	Mircea Lungu and
	David R{\"{o}}thlisberger},
	title     = {How do developers react to {API} deprecation?: the case of a smalltalk
	ecosystem},
	booktitle = {20th {ACM} {SIGSOFT} Symposium on the Foundations of Software Engineering
	(FSE-20), SIGSOFT/FSE'12, Cary, NC, {USA} - November 11 - 16, 2012},
	pages     = {56},
	year      = {2012},
	url       = {https://doi.org/10.1145/2393596.2393662},
	doi       = {10.1145/2393596.2393662},
	timestamp = {Tue, 06 Nov 2018 16:59:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigsoft/RobbesLR12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{18-sqj-evolution,
	author    = {Andr{\'{e}} C. Hora and
	Romain Robbes and
	Marco Tulio Valente and
	Nicolas Anquetil and
	Anne Etien and
	St{\'{e}}phane Ducasse},
	title     = {How do developers react to {API} evolution? {A} large-scale empirical
	study},
	journal   = {Software Quality Journal},
	volume    = {26},
	number    = {1},
	pages     = {161--191},
	year      = {2018},
	url       = {https://doi.org/10.1007/s11219-016-9344-4},
	doi       = {10.1007/s11219-016-9344-4},
	timestamp = {Fri, 30 Nov 2018 13:26:25 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/sqj/HoraRVAED18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{11-etaps-doc,
	author    = {Lin Shi and
	Hao Zhong and
	Tao Xie and
	Mingshu Li},
	title     = {An Empirical Study on Evolution of {API} Documentation},
	booktitle = {Fundamental Approaches to Software Engineering - 14th International
	Conference, {FASE} 2011, Held as Part of the Joint European Conferences
	on Theory and Practice of Software, {ETAPS} 2011, Saarbr{\"{u}}cken,
	Germany, March 26-April 3, 2011. Proceedings},
	pages     = {416--431},
	year      = {2011},
	url       = {https://doi.org/10.1007/978-3-642-19811-3\_29},
	doi       = {10.1007/978-3-642-19811-3\_29},
	timestamp = {Tue, 26 Jun 2018 14:11:38 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/fase/ShiZXL11},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{15-ese-evolution,
	author    = {Wei Wu and
	Adrien Serveaux and
	Yann{-}Ga{\"{e}}l Gu{\'{e}}h{\'{e}}neuc and
	Giuliano Antoniol},
	title     = {The impact of imperfect change rules on framework {API} evolution
	identification: an empirical study},
	journal   = {Empirical Software Engineering},
	volume    = {20},
	number    = {4},
	pages     = {1126--1158},
	year      = {2015},
	url       = {https://doi.org/10.1007/s10664-014-9317-9},
	doi       = {10.1007/s10664-014-9317-9},
	timestamp = {Sun, 28 May 2017 13:22:43 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/ese/WuSGA15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{11-ese-learning,
	author    = {Martin P. Robillard and
	Robert DeLine},
	title     = {A field study of {API} learning obstacles},
	journal   = {Empirical Software Engineering},
	volume    = {16},
	number    = {6},
	pages     = {703--732},
	year      = {2011},
	url       = {https://doi.org/10.1007/s10664-010-9150-8},
	doi       = {10.1007/s10664-010-9150-8},
	timestamp = {Sun, 28 May 2017 13:22:43 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/ese/RobillardD11},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{15-tse-change,
	author    = {Gabriele Bavota and
	Mario Linares V{\'{a}}squez and
	Carlos Eduardo Bernal{-}C{\'{a}}rdenas and
	Massimiliano Di Penta and
	Rocco Oliveto and
	Denys Poshyvanyk},
	title     = {The Impact of {API} Change- and Fault-Proneness on the User Ratings
	of Android Apps},
	journal   = {{IEEE} Trans. Software Eng.},
	volume    = {41},
	number    = {4},
	pages     = {384--407},
	year      = {2015},
	url       = {https://doi.org/10.1109/TSE.2014.2367027},
	doi       = {10.1109/TSE.2014.2367027},
	timestamp = {Mon, 06 Nov 2017 12:13:54 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/tse/BavotaVBPOP15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{13-etaps-mapping,
	author    = {Hao Zhong and
	Suresh Thummalapenta and
	Tao Xie},
	title     = {Exposing Behavioral Differences in Cross-Language {API} Mapping Relations},
	booktitle = {Fundamental Approaches to Software Engineering - 16th International
	Conference, {FASE} 2013, Held as Part of the European Joint Conferences
	on Theory and Practice of Software, {ETAPS} 2013, Rome, Italy, March
	16-24, 2013. Proceedings},
	pages     = {130--145},
	year      = {2013},
	url       = {https://doi.org/10.1007/978-3-642-37057-1\_10},
	doi       = {10.1007/978-3-642-37057-1\_10},
	timestamp = {Tue, 26 Jun 2018 14:11:38 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/fase/ZhongTX13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{05-vstte-spec,
	author    = {Michael Barnett and
	Robert DeLine and
	Manuel F{\"{a}}hndrich and
	Bart Jacobs and
	K. Rustan M. Leino and
	Wolfram Schulte and
	Herman Venter},
	title     = {The Spec{\#} Programming System: Challenges and Directions},
	booktitle = {Verified Software: Theories, Tools, Experiments, First {IFIP} {TC}
	2/WG 2.3 Conference, {VSTTE} 2005, Zurich, Switzerland, October 10-13,
	2005, Revised Selected Papers and Discussions},
	pages     = {144--152},
	year      = {2005},
	url       = {https://doi.org/10.1007/978-3-540-69149-5\_16},
	doi       = {10.1007/978-3-540-69149-5\_16},
	timestamp = {Wed, 14 Nov 2018 10:51:58 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/vstte/BarnettDFJLSV05},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-sec-epex,
	author    = {Suman Jana and
	Yuan Jochen Kang and
	Samuel Roth and
	Baishakhi Ray},
	title     = {Automatically Detecting Error Handling Bugs Using Error Specifications},
	booktitle = {25th {USENIX} Security Symposium, {USENIX} Security 16, Austin, TX,
	USA, August 10-12, 2016.},
	pages     = {345--362},
	year      = {2016},
	url       = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/jana},
	timestamp = {Mon, 05 Sep 2016 15:43:05 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/uss/JanaKRR16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-rv-framac,
	author    = {Nikolai Kosmatov and
	Julien Signoles},
	title     = {Frama-C, {A} Collaborative Framework for {C} Code Verification: Tutorial
	Synopsis},
	booktitle = {Runtime Verification - 16th International Conference, {RV} 2016, Madrid,
	Spain, September 23-30, 2016, Proceedings},
	pages     = {92--115},
	year      = {2016},
	url       = {https://doi.org/10.1007/978-3-319-46982-9\_7},
	doi       = {10.1007/978-3-319-46982-9\_7},
	timestamp = {Wed, 17 May 2017 14:24:47 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/rv/KosmatovS16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{18-sigmod-cypher,
	author    = {Nadime Francis and
	Alastair Green and
	Paolo Guagliardo and
	Leonid Libkin and
	Tobias Lindaaker and
	Victor Marsault and
	Stefan Plantikow and
	Mats Rydberg and
	Petra Selmer and
	Andr{\'{e}}s Taylor},
	title     = {Cypher: An Evolving Query Language for Property Graphs},
	booktitle = {Proceedings of the 2018 International Conference on Management of
	Data, {SIGMOD} Conference 2018, Houston, TX, USA, June 10-15, 2018},
	pages     = {1433--1445},
	year      = {2018},
	url       = {https://doi.org/10.1145/3183713.3190657},
	doi       = {10.1145/3183713.3190657},
	timestamp = {Wed, 21 Nov 2018 12:44:08 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigmod/FrancisGGLLMPRS18},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{16-saner-evaluation,
	author    = {Moritz Beller and
	Radjino Bholanath and
	Shane McIntosh and
	Andy Zaidman},
	title     = {Analyzing the State of Static Analysis: {A} Large-Scale Evaluation
	in Open Source Software},
	booktitle = {{IEEE} 23rd International Conference on Software Analysis, Evolution,
	and Reengineering, {SANER} 2016, Suita, Osaka, Japan, March 14-18,
	2016 - Volume 1},
	pages     = {470--481},
	year      = {2016},
	url       = {https://doi.org/10.1109/SANER.2016.105},
	doi       = {10.1109/SANER.2016.105},
	timestamp = {Thu, 15 Jun 2017 21:33:00 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/wcre/BellerBMZ16},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{09-icse-exception,
	author    = {Suresh Thummalapenta and
	Tao Xie},
	title     = {Mining exception-handling rules as sequence association rules},
	booktitle = {31st International Conference on Software Engineering, {ICSE} 2009,
	May 16-24, 2009, Vancouver, Canada, Proceedings},
	pages     = {496--506},
	year      = {2009},
	url       = {https://doi.org/10.1109/ICSE.2009.5070548},
	doi       = {10.1109/ICSE.2009.5070548},
	timestamp = {Fri, 06 Oct 2017 17:24:21 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/ThummalapentaX09},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{07-fse-object,
	author    = {Andrzej Wasylkowski and
	Andreas Zeller and
	Christian Lindig},
	title     = {Detecting object usage anomalies},
	booktitle = {Proceedings of the 6th joint meeting of the European Software Engineering
	Conference and the {ACM} {SIGSOFT} International Symposium on Foundations
	of Software Engineering, 2007, Dubrovnik, Croatia, September 3-7,
	2007},
	pages     = {35--44},
	year      = {2007},
	url       = {https://doi.org/10.1145/1287624.1287632},
	doi       = {10.1145/1287624.1287632},
	timestamp = {Tue, 06 Nov 2018 16:59:22 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigsoft/WasylkowskiZL07},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{09-ieee-classification,
	title={IEEE Standard Classification for Software Anomalies},
	author={Zubrow, D},
	journal={IEEE Computer Society},
	year={2009}
}


@article{92-tse-odc,
	author    = {Ram Chillarege and
	Inderpal S. Bhandari and
	Jarir K. Chaar and
	Michael J. Halliday and
	Diane S. Moebus and
	Bonnie K. Ray and
	Man{-}Yuen Wong},
	title     = {Orthogonal Defect Classification - {A} Concept for In-Process Measurements},
	journal   = {{IEEE} Trans. Software Eng.},
	volume    = {18},
	number    = {11},
	pages     = {943--956},
	year      = {1992},
	url       = {https://doi.org/10.1109/32.177364},
	doi       = {10.1109/32.177364},
	timestamp = {Wed, 17 May 2017 10:56:38 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/tse/ChillaregeBCHMRW92},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{12-ese-directive,
	author    = {Martin Monperrus and
	Michael Eichberg and
	Elif Tekes and
	Mira Mezini},
	title     = {What should developers be aware of? An empirical study on the directives
	of {API} documentation},
	journal   = {Empirical Software Engineering},
	volume    = {17},
	number    = {6},
	pages     = {703--737},
	year      = {2012},
	url       = {https://doi.org/10.1007/s10664-011-9186-4},
	doi       = {10.1007/s10664-011-9186-4},
	timestamp = {Wed, 14 Nov 2018 10:41:44 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/ese/MonperrusETM12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{linux,
	title = {Source code of Linux kernel V4.18-rc4.},
	url = {https://github.com/torvalds/linux/releases/tag/v4.18-rc4},
	citedate =    {2019-02-22}
}

@online{ffmpeg,
	title = {FFmpeg: a collection of libraries and tools to process multimedia content.},
	url = "{https://github.com/FFmpeg/FFmpeg}",
	citedate =    {2019-02-22}
}

@online{curl,
	title = {Curl: a command line tool and library for transferring data with URL syntax.},
	url = "{https://github.com/curl/curl}",
	citedate =    {2019-02-22}
}

@online{freerdp,
	title = {FreeRDP: a free remote desktop protocol library and clients.},
	url = "{https://github.com/FreeRDP/FreeRDP}",
	citedate =    {2019-02-22} 
}

@online{httpd,
	title = {Httpd: a powerful and flexible HTTP/1.1 compliant web server.},
	url = "{https://github.com/apache/httpd}",
	citedate =    {2019-02-22} 
}

@techreport{url,
	title={Uniform resource locators (URL)},
	author={Berners-Lee, Tim and Masinter, Larry and McCahill, Mark},
	year={1994},
	url="https://tools.ietf.org/html/rfc1738"
}

@online{rdp,
	title = {Remote Desktop Protocol.},
	url = "{https://en.wikipedia.org/wiki/Remote_Desktop_Protocol}",
	citedate =    {2019-02-22} 
}

@online{CVE-2014-0092,
	title =       {CVE-2014-0092},
	citedate =    {2019-02-18},
	url =         {https://www.cvedetails.com/cve/CVE-2014-0092/}
}

@online{CVE-2015-0208,
	title =       {CVE-2015-0208},
	citedate =    {2019-02-18},
	url =         {https://www.cvedetails.com/cve/CVE-2015-0208/}
}

@online{CVE-2015-0285,
	title =       {CVE-2015-0285},
	citedate =    {2019-02-18},
	url =         {https://www.cvedetails.com/cve/CVE-2015-0285/}
}

@online{CVE-2017-3318,
	title =       {CVE-2017-3318},
	citedate =    {2019-02-18},
	url =         {https://www.cvedetails.com/cve/CVE-2017-3318/}
}

@online{CVE-2017-5350,
	title =       {CVE-2017-5350},
	citedate =    {2019-02-18},
	url =         {https://www.cvedetails.com/cve/CVE-2015-5350/}
}

@online{07-owasp,
	title =       {OWASP TOP 10.},
	citedate =    {2019-02-18},
	url =         {https://www.owasp.org/images/e/e8/OWASP_Top_10_2007.pdf}
}

@inproceedings{08-fast-eio,
	author    = {Haryadi S. Gunawi and
	Cindy Rubio{-}Gonz{\'{a}}lez and
	Andrea C. Arpaci{-}Dusseau and
	Remzi H. Arpaci{-}Dusseau and
	Ben Liblit},
	title     = {{EIO:} Error Handling is Occasionally Correct},
	booktitle = {6th {USENIX} Conference on File and Storage Technologies, {FAST} 2008,
	February 26-29, 2008, San Jose, CA, {USA}},
	pages     = {207--222},
	year      = {2008},
	url       = {http://www.usenix.org/events/fast08/tech/gunawi.html},
	timestamp = {Wed, 04 Jul 2018 13:06:35 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/fast/GunawiRAAL08},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{ssa,
	title={Efficiently computing static single assignment form and the control dependence graph},
	author={Cytron, Ron and Ferrante, Jeanne and Rosen, Barry K and Wegman, Mark N and Zadeck, F Kenneth},
	journal={(TOPLAS)},
	volume={13},
	number={4},
	pages={451--490},
	year={1991},
	publisher={ACM}
}

% sec3
@online{cwe-top25,
	author =      {CWE and SANS Institute},
	title =       {2011 CWE/SANS Top 25 Most Dangerous Software Errors.},
	modifydate =  {2011-07-06},
	citedate =    {2019-02-28},
	url =         {http://cwe.mitre.org/top25/},
	language =    "english",
}

@online{owasp-top10,
	author =      {	The OWASP Foundation},
	title =       {2017 OWASP Top 10 Application Security Risks.},
	modifydate =  {2018-03-27},
	citedate =    {2019-02-28},
	url =         {https://www.owasp.org/index.php/Top_10-2017_Top_10},
	language =    "english",
}

@online{pinpoint,
	author =      {源伞科技公司},
	title =       {Poinpoint静态分析工具},
	modifydate =  {2019-01-28},
	citedate =    {2019-02-28},
	url =         {https://www.sourcebrella.com/pinpoint/},
	language =    "english",
}

@online{coverity,
	author =      {	Synopsys Inc.},
	title =       {Coverity Scan Static Analysis Tool},
	modifydate =  {2019-01-28},
	citedate =    {2019-02-28},
	url =         {https://scan.coverity.com/},
	language =    "english",
}

@inproceedings{07-PLDI-RGJ07,
	author    = {Murali Krishna Ramanathan and
	Ananth Grama and
	Suresh Jagannathan},
	title     = {Static specification inference using predicate mining},
	booktitle = {Proceedings of the {ACM} {SIGPLAN} 2007 Conference on Programming
	Language Design and Implementation, San Diego, California, USA, June
	10-13, 2007},
	pages     = {123--134},
	year      = {2007},
	url       = {https://doi.org/10.1145/1250734.1250749},
	doi       = {10.1145/1250734.1250749},
	timestamp = {Tue, 06 Nov 2018 16:59:31 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/pldi/RamanathanGJ07},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{07-icse-chronicler,
	author    = {Murali Krishna Ramanathan and
	Ananth Grama and
	Suresh Jagannathan},
	title     = {Path-Sensitive Inference of Function Precedence Protocols},
	booktitle = {29th International Conference on Software Engineering {(ICSE} 2007),
	Minneapolis, MN, USA, May 20-26, 2007},
	pages     = {240--250},
	year      = {2007},
	url       = {https://doi.org/10.1109/ICSE.2007.63},
	doi       = {10.1109/ICSE.2007.63},
	timestamp = {Tue, 23 May 2017 01:11:51 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/icse/RamanathanGJ07},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{13-dsn-hector,
	author    = {Suman Saha and
	Jean{-}Pierre Lozi and
	Ga{\"{e}}l Thomas and
	Julia L. Lawall and
	Gilles Muller},
	title     = {Hector: Detecting Resource-Release Omission Faults in error-handling
	code for systems software},
	booktitle = {2013 43rd Annual {IEEE/IFIP} International Conference on Dependable
	Systems and Networks (DSN), Budapest, Hungary, June 24-27, 2013},
	pages     = {1--12},
	year      = {2013},
	url       = {https://doi.org/10.1109/DSN.2013.6575307},
	doi       = {10.1109/DSN.2013.6575307},
	timestamp = {Sun, 21 May 2017 00:19:56 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/dsn/SahaL0LM13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{13-ccs-chucky,
	author    = {Fabian Yamaguchi and
	Christian Wressnegger and
	Hugo Gascon and
	Konrad Rieck},
	title     = {Chucky: exposing missing checks in source code for vulnerability discovery},
	booktitle = {2013 {ACM} {SIGSAC} Conference on Computer and Communications Security,
	CCS'13, Berlin, Germany, November 4-8, 2013},
	pages     = {499--510},
	year      = {2013},
	url       = {https://doi.org/10.1145/2508859.2516665},
	doi       = {10.1145/2508859.2516665},
	timestamp = {Tue, 06 Nov 2018 11:07:29 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/ccs/YamaguchiWGR13},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{17-fse-errdoc,
	author    = {Yuchi Tian and
	Baishakhi Ray},
	title     = {Automatically diagnosing and repairing error handling bugs in {C}},
	booktitle = {Proceedings of the 2017 11th Joint Meeting on Foundations of Software
	Engineering, {ESEC/FSE} 2017, Paderborn, Germany, September 4-8, 2017},
	pages     = {752--762},
	year      = {2017},
	url       = {https://doi.org/10.1145/3106237.3106300},
	doi       = {10.1145/3106237.3106300},
	timestamp = {Tue, 06 Nov 2018 16:59:23 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/sigsoft/TianR17},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{12-ele-scc,
	author    = {Julien Henry and
	David Monniaux and
	Matthieu Moy},
	title     = {{PAGAI:} {A} Path Sensitive Static Analyser},
	journal   = {Electr. Notes Theor. Comput. Sci.},
	volume    = {289},
	pages     = {15--25},
	year      = {2012},
	url       = {https://doi.org/10.1016/j.entcs.2012.11.003},
	doi       = {10.1016/j.entcs.2012.11.003},
	timestamp = {Sun, 28 May 2017 13:22:57 +0200},
	biburl    = {https://dblp.org/rec/bib/journals/entcs/HenryMM12},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{yaml,
	author =      {Oren Ben-Kiki and
	Clark Evans and
	Ingy döt Net},
	title =       {Yaml: a human friendly data serialization standard for all programming
	languages},
	modifydate =  {2009-10-01},
	citedate =    {2019-02-28},
	url =         {http://yaml.org/},
	language =    "english",
}

@inproceedings{15-ase-accesspath,
	author    = {Johannes Lerch and
	Johannes Sp{\"{a}}th and
	Eric Bodden and
	Mira Mezini},
	title     = {Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysis
	with Unbounded Access Paths {(T)}},
	booktitle = {30th {IEEE/ACM} International Conference on Automated Software Engineering,
	{ASE} 2015, Lincoln, NE, USA, November 9-13, 2015},
	pages     = {619--629},
	year      = {2015},
	url       = {https://doi.org/10.1109/ASE.2015.9},
	doi       = {10.1109/ASE.2015.9},
	timestamp = {Tue, 23 May 2017 01:06:51 +0200},
	biburl    = {https://dblp.org/rec/bib/conf/kbse/LerchSBM15},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}
% sec4
@inproceedings{05-bugbench,
	title={Bugbench: Benchmarks for evaluating bug detection tools},
	author={Lu, Shan and Li, Zhenmin and Qin, Feng and Tan, Lin and Zhou, Pin and Zhou, Yuanyuan},
	booktitle={Workshop on the evaluation of software defect detection tools},
	volume={5},
	year={2005},
	url="http://pages.cs.wisc.edu/~shanlu/paper/63-lu.pdf"
}

@inproceedings{14-issta-defects4j,
	author    = {Ren{\'{e}} Just and
	Darioush Jalali and
	Michael D. Ernst},
	title     = {Defects4J: a database of existing faults to enable controlled testing
	studies for Java programs},
	booktitle = {International Symposium on Software Testing and Analysis, {ISSTA}
	'14, San Jose, CA, {USA} - July 21 - 26, 2014},
	pages     = {437--440},
	year      = {2014},
	url       = {https://doi.org/10.1145/2610384.2628055},
	doi       = {10.1145/2610384.2628055},
	timestamp = {Tue, 06 Nov 2018 16:57:30 +0100},
	biburl    = {https://dblp.org/rec/bib/conf/issta/JustJE14},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@online{itc,
	title =       {Static analysis benchmarks from toyota itc.},
	citedate =    {2019-02-18},
	url =         {https://github.com/regehr/itc-benchmarks},
}

@online{tsmart,
	author =      {清华大学软件学院软件系统与工程研究所},
	title =       {Tsmart软件可信保障工具集。},
	modifydate =  {2001-12-19},
	citedate =    {2019-02-28},
	url =         {http://tsmart.tech/show.html#/tsmart},
	language =    "chinese",
}